Popular crypto site CoinMarketCap was recently attacked, not for its data, but for planting a fake coin on it to lure users into a trap.
The attack on CoinMarketCap
First of all, the the Pirates created an account for their project on CoinMarketCap, renaming it to CoinMarketCap, the namesake of the site itself.
At this point, they inserted a link to a site that claimed to be CoinMarketCap’s, apparently appearing very similar and believable, but was actually under their control. The tokens were sold on this site.
Hackers then managed to break into CoinMarketCap’s CryptTown social network. They created a series of verified accounts there with which they posted messages stating that they were conducting token sales.
Thus, the comments about the sale of the fraudulent token seemed to come from the official account of CoinMarketCap, as if it was the site itself which was promoting the sale of the token.
The home page of Phishing went live overnight, according to European time. This way, it would take some time for the team to step in and remove it. Moreover, the the Pirates immediately began to advertise it massively.
The fraud happened on the Ethereum and BSC blockchain. Dmitry Mishunin, the founder and CEO of HashEX an auditor of smart contract discovered and published this information.
Thus showing that the hackers managed to collect around 12 ETH and 192 BNB from different investors who were unaware of the fraud.
Some tips to avoid cryptocurrency fraud
Cryptocurrency fraud remains a big problem in the ecosystem.
Indeed, whether in this form or more violent attacks against a site as in the case of Fuse Lending, which suffered a hack of 4.6 million dollars, the cases of hacking are numerous.
The first rule, like everything you can read on the internet, is to cross-reference your sources. When a site or an ad talks about a project, it is important to find out if other more expert sites also talk about this project.
Then, when a project interests you, you have to look for certain elements that show the seriousness of it. As a website without fault and generally having a white paper serious. In addition, it is very important to be able to access the identity of the creators, some serious projects do not disclose it, but overall it is an additional guarantee of insurance.
Another point, most cases of fraud involve unsecured websites. If the padlock icon does not appear in the address bar next to the website, it is not safe to be on that site. Also, also check if the URL is using ‘https’ and not ‘http’ as the latter is not secure.
In the case of the CoinMarketCap scam, Mishunin notes that “the intruders offered to simply send money to a third-party address. » This is often a telltale sign of a scam. Especially when they ask to send crypto to an address and they will send crypto back . “A company this big is unlikely to make a sale without a smart contract and connecting a wallet to the site. added the HashEx CEO.
To go further, you can read our article on the US Better Business Bureau. They ranked cryptocurrency as the second most dangerous type of scam in 2021.
The crypto scams remain a big problem in the crypto ecosystem, with an increase in new investors. However, by keeping in mind a few simple security rules valid for any online investment, it is possible to invest and learn about cryptocurrencies without too much danger. Our last piece of advice is based on the legendary phrase “Too good to be true“.
Receive a summary of news in the world of cryptocurrencies by subscribing to our new daily and weekly newsletter service so you don’t miss any of the essential Cointribune!
Observer of the social, economic and financial revolution driven by cryptocurrencies, defi and metaverses.